Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Adding Release Automation #1122

Merged
merged 12 commits into from
Feb 2, 2023
Merged

feat: Adding Release Automation #1122

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
abecc22
Adding release automation step
whizzzkid Dec 20, 2022
c392dd9
blocking step
whizzzkid Dec 20, 2022
123ef85
unneeded check
whizzzkid Dec 20, 2022
8648ba1
path renaming
whizzzkid Dec 20, 2022
7fcb39d
Merge branch 'main' into feat/release-automation
whizzzkid Jan 3, 2023
55fc56c
Merge branch 'main' into feat/release-automation
whizzzkid Jan 23, 2023
5845bc4
feat: :recycle: Refactor ci:build:stable
whizzzkid Jan 23, 2023
b06eb91
feat: :package: Create Release Asset for Stable Env
whizzzkid Jan 23, 2023
cc82db8
Merge branch 'main' into feat/release-automation
whizzzkid Jan 24, 2023
e91de0c
Merge branch 'main' into feat/release-automation
whizzzkid Jan 24, 2023
a9305bb
Merge branch 'main' into feat/release-automation
SgtPooki Jan 27, 2023
d7a3bea
feat: :pushpin: Pinning github-actions versions
whizzzkid Feb 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 59 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,3 +92,62 @@ jobs:

- name: Show Cache
run: du -h ${{ github.workspace }}/.cache/* || true

release-pr:
runs-on: ubuntu-latest
needs: [test]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this only needs to run on push after the tests have succeeded. Creates a release-pr based on conventional-commits commit strategy (which we already follow)

This defines what a release PR is: https://github.com/google-github-actions/release-please-action#whats-a-release-pr

steps:
- uses: google-github-actions/release-please-action@v3
with:
release-type: node
package-name: ipfs-companion
changelog-notes-type: github
command: release-pr
Comment on lines +103 to +106
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • auto-increments the computed semver
  • names the package
  • creates changelog
  • only creates the release PR

This PR can stay around for as long as it's needed, as soon as that gets merged it pushes the release tags.


release-assets:
runs-on: ubuntu-latest
needs: [test]
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
lidel marked this conversation as resolved.
Show resolved Hide resolved
steps:
- name: Check out Git repository
uses: actions/checkout@v1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why downgrading to checkout@v1?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other actions from the actions namespace also seem to be outdated. I'd recommend updating them all.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't recall what I was thinking, now everything should be updated to latest. The only problem here would be that it's not easy to test github actions locally. I did manually verify that the api we require is not broken between versions. 🤞🏽


- name: Install Node.js
uses: actions/setup-node@v1
with:
node-version: 18

- name: Restore .cache
uses: actions/cache@v2
id: cache
with:
path: ${{ github.workspace }}/.cache
key: ${{ runner.os }}-${{ hashFiles('package*json', 'package-lock.json', '*config.js') }}
restore-keys: |
${{ runner.os }}-${{ hashFiles('package*json', 'package-lock.json', '*config.js') }}
${{ runner.os }}-

- name: Restore node_modules
id: yarn-cache
uses: actions/cache@v2
with:
path: node_modules
key: ${{ runner.os }}-${{ hashFiles('**/package-lock.json') }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just FYI: aegir actually has a great github action that allows us to cache node-modules. we should be using that most places to ensure we're consistent.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/ipfs/aegir/blob/master/actions/cache-node-modules/action.yml#L27-L36

that action seems to cache dist too. In this case we don't need that, it will create a conflict as we build stable version later, we don't want that to be cached. We just need node_modules.


- name: Install dependencies
if: steps.yarn-cache.outputs.cache-hit != 'true'
run: npm run ci:install

- name: Build Stable Release
run: npm run ci:build:stable

- name: Release
uses: softprops/action-gh-release@v1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ @whizzzkid any reason why we are not reusing google-github-actions/release-please-action here with command set to github-release?

Not a blocker, but softprops/action-gh-release being a personal account of an individual has a higher risk of being compromised, and that could inject code that would ship to our users.

If we have to use it, please pin it to a specific revision before merging this PR:

Suggested change
uses: softprops/action-gh-release@v1
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844

For future reference, remember to add to the safelist at https://github.com/ipfs/ipfs-companion/settings/actions:

2023-01-31-231838_819x604_scrot

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the callout on adding specific version and whitelisting this.

Not a blocker, but softprops/action-gh-release being a personal account of an individual has a higher risk of being compromised, and that could inject code that would ship to our users.

google-github-actions/release-please-action doesn't seem to have documentation on creating a draft release. It just pushes the release (that's what i tested on other repo).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like https://github.com/google-github-actions/release-please-action/pull/398/files seems to suggest there is draft: boolean but it does not support uploading files, which we want, I'll try creating documentation for them.

with:
files: build/*.zip
lidel marked this conversation as resolved.
Show resolved Hide resolved
fail_on_unmatched_files: true
generate_release_notes: true
draft: true
append_body: true
body: 'Automated Release, please upload artifacts to respective webstores and mark this draft as released.'
6 changes: 4 additions & 2 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,12 @@
"ci": "run-s ci:*",
"ci:install": "npm ci --prefer-offline --no-audit --progress=false",
"ci:build": "npm run build",
"ci:build:stable": "RELEASE_CHANNEL=stable npm run ci:build",
lidel marked this conversation as resolved.
Show resolved Hide resolved
"ci:build:beta": "RELEASE_CHANNEL=beta npm run ci:build",
"ci:test": "npm test",
"ci:lint": "npm run lint",
"beta-build": "docker rmi -f ipfs-companion-beta-build && docker build -t ipfs-companion-beta-build --build-arg USER_ID=$(id -u ${USER}) --build-arg GROUP_ID=$(id -g ${USER}) . && mkdir -p build && docker run --rm --net=host -e RELEASE_CHANNEL=beta -v $(pwd)/build:/home/node/app/build ipfs-companion-beta-build npm run ci:build",
"release-build": "docker rmi -f ipfs-companion-release-build && docker build -t ipfs-companion-release-build --build-arg USER_ID=$(id -u ${USER}) --build-arg GROUP_ID=$(id -g ${USER}) . && mkdir -p build && docker run --rm --net=host -e RELEASE_CHANNEL=stable -v $(pwd)/build:/home/node/app/build ipfs-companion-release-build npm run ci:build",
"beta-build": "docker rmi -f ipfs-companion-beta-build && docker build -t ipfs-companion-beta-build --build-arg USER_ID=$(id -u ${USER}) --build-arg GROUP_ID=$(id -g ${USER}) . && mkdir -p build && docker run --rm --net=host -v $(pwd)/build:/home/node/app/build ipfs-companion-beta-build npm run ci:build:beta",
"release-build": "docker rmi -f ipfs-companion-release-build && docker build -t ipfs-companion-release-build --build-arg USER_ID=$(id -u ${USER}) --build-arg GROUP_ID=$(id -g ${USER}) . && mkdir -p build && docker run --rm --net=host -v $(pwd)/build:/home/node/app/build ipfs-companion-release-build npm run ci:build:stable",
"dev-build": "npm ci && npm run build",
"yarn-build": "npm run dev-build",
"compose:e2e:prepare": "docker compose --file docker-compose.e2e.yml pull && docker compose --file docker-compose.e2e.yml build",
Expand Down